kandouing.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain kandouing.com is registered by proxy through ENOM, INC. and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Wilmington, Delaware within the United States which resides on the Black Lotus Communications network.
Remove Malware from kandouing.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Delaware, United States (US)

Create date:
Monday, March 24, 2014

Expires date:
Tuesday, March 24, 2015

Updated date:
Monday, March 24, 2014

ASN:
AS32421 BLCC - Black Lotus Communications

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.PaymentsInteractiveSL.E
100.00%

MicroWorld eScan
Gen:Variant.Application.Bundler.DomaIQ.3, Dropped:Application.Agent.EI, Dropped:Adware.Bundler.Offer.A
100.00%

McAfee
Adware-DomaIQ!87EAB94F6E66, RDN/Generic.bfr!et, CryptDomaIQ
100.00%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.Optional.DomalQ
100.00%

K7 Gateway Antivirus
Unwanted-Program , Trojan
100.00%

K7 AntiVirus
Unwanted-Program
100.00%

Agnitum Outpost
PUA.DomaIQ
100.00%

avast!
Win32:PUP-gen [PUP], Win32:Rootkit-gen [Rtk]
100.00%

Bitdefender
Gen:Variant.Application.Bundler.DomaIQ.3, Dropped:Application.Agent.EI, Dropped:Adware.Bundler.Offer.A
100.00%

NANO AntiVirus
Trojan.Win32.DomaIQ.ctadmg, Trojan.Win32.DomaIQ.cwydit, Riskware.Win32.Lolipop.cvxwnv
100.00%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DomaIQ.3, Dropped:Application.Agent.EI, Dropped:Adware.Bundler.Offer.A
100.00%

Sophos
DomainIQ pay-per install, Generic PUA IP
100.00%

F-Secure
Adware:W32/DomaIQ, Dropped:Application.Agent.EI
100.00%

Dr.Web
Trojan.DownLoader9.21779, Trojan.Packed.26446, Trojan.DownLoader9.51748
100.00%

VIPRE Antivirus
DomaIQ, Threat.4780044
100.00%

The domain kandouing.com has been seen to resolve to the following IP address.

May 1, 2014

File downloads found at URLs served by kandouing.com.

33 / 68    (Adware)
http://kandouing.com/.../Java.exe  (b24af637cec3015eeecc0d7e0002c09e)

29 / 68    (Adware)
http://kandouing.com/.../Java.exe  (9f2f39cc6c24592726507840353d8ca9)

29 / 68    (Adware)
http://kandouing.com/.../Java.exe  (9e998c630094b7d5f5fa53cf28b451cc)

URL:
http://kandouing.com/

Google Analytics:
UA-69192

Title:
“kandouing.com - Registered at Namecheap.com”

Web server:
nginx (ASP.NET,ARR/2.5,ASP.NET) (Version: 4.0.30319)

30 of 34 related domains

Remove Malware from kandouing.com - Powered by Reason Core Security